diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2007-06-25 13:57:19 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2007-06-25 13:57:19 +0000 |
commit | e75d5ce81c5b9d9c241416dd4c70623d01d4a9b5 (patch) | |
tree | 89c5139f962c5155d7bfadb4a2bda611931a96df /sys | |
parent | 120b3953d62993f5c14d0ea9e6432064fee2958f (diff) |
pretty mechanical change: now that the state tables use seperate state
keys that can map to multiple states (last not least for ifbound) we don't
need state tables hanging off each struct kif representing an interface
any more. use two globals for the two tables. ok markus ryan
Diffstat (limited to 'sys')
-rw-r--r-- | sys/net/if_pfsync.c | 6 | ||||
-rw-r--r-- | sys/net/pf.c | 22 | ||||
-rw-r--r-- | sys/net/pfvar.h | 9 |
3 files changed, 21 insertions, 16 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c index 7d807d40ff0..0922153b6be 100644 --- a/sys/net/if_pfsync.c +++ b/sys/net/if_pfsync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_pfsync.c,v 1.81 2007/06/24 11:17:13 mcbride Exp $ */ +/* $OpenBSD: if_pfsync.c,v 1.82 2007/06/25 13:57:18 henning Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff @@ -426,9 +426,9 @@ pfsync_input(struct mbuf *m, ...) return; } for (sk = RB_MIN(pf_state_tree_lan_ext, - &pfi_all->pfik_lan_ext); sk; sk = nextsk) { + &pf_statetbl_lan_ext); sk; sk = nextsk) { nextsk = RB_NEXT(pf_state_tree_lan_ext, - &pfi_all->pfik_lan_ext, sk); + &pf_statetbl_lan_ext, sk); TAILQ_FOREACH(st, &sk->states, next) { if (st->creatorid == creatorid) { st->sync_flags |= diff --git a/sys/net/pf.c b/sys/net/pf.c index 31f86c2754c..fe745703f34 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.547 2007/06/24 11:17:13 mcbride Exp $ */ +/* $OpenBSD: pf.c,v 1.548 2007/06/25 13:57:18 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -95,6 +95,10 @@ * Global variables */ +/* state tables */ +struct pf_state_tree_lan_ext pf_statetbl_lan_ext; +struct pf_state_tree_ext_gwy pf_statetbl_ext_gwy; + struct pf_altqqueue pf_altqs[2]; struct pf_palist pf_pabuf; struct pf_altqqueue *pf_altqs_active; @@ -531,11 +535,11 @@ pf_find_state(struct pfi_kif *kif, struct pf_state_key_cmp *key, u_int8_t tree) switch (tree) { case PF_LAN_EXT: - sk = RB_FIND(pf_state_tree_lan_ext, &pfi_all->pfik_lan_ext, + sk = RB_FIND(pf_state_tree_lan_ext, &pf_statetbl_lan_ext, (struct pf_state_key *)key); break; case PF_EXT_GWY: - sk = RB_FIND(pf_state_tree_ext_gwy, &pfi_all->pfik_ext_gwy, + sk = RB_FIND(pf_state_tree_ext_gwy, &pf_statetbl_ext_gwy, (struct pf_state_key *)key); break; default: @@ -564,7 +568,7 @@ pf_find_state_all(struct pf_state_key_cmp *key, u_int8_t tree, int *more) case PF_LAN_EXT: TAILQ_FOREACH(kif, &pfi_statehead, pfik_w_states) { sk = RB_FIND(pf_state_tree_lan_ext, - &pfi_all->pfik_lan_ext, (struct pf_state_key *)key); + &pf_statetbl_lan_ext, (struct pf_state_key *)key); if (sk == NULL) continue; ret = TAILQ_FIRST(&sk->states); @@ -578,7 +582,7 @@ pf_find_state_all(struct pf_state_key_cmp *key, u_int8_t tree, int *more) case PF_EXT_GWY: TAILQ_FOREACH(kif, &pfi_statehead, pfik_w_states) { sk = RB_FIND(pf_state_tree_ext_gwy, - &pfi_all->pfik_ext_gwy, (struct pf_state_key *)key); + &pf_statetbl_ext_gwy, (struct pf_state_key *)key); if (sk == NULL) continue; ret = TAILQ_FIRST(&sk->states); @@ -821,7 +825,7 @@ pf_insert_state(struct pfi_kif *kif, struct pf_state *s) KASSERT(s->state_key != NULL); s->kif = kif; - if ((cur = RB_INSERT(pf_state_tree_lan_ext, &pfi_all->pfik_lan_ext, + if ((cur = RB_INSERT(pf_state_tree_lan_ext, &pf_statetbl_lan_ext, s->state_key)) != NULL) { /* key exists. check for same kif, if none, add to key */ TAILQ_FOREACH(sp, &cur->states, next) @@ -835,7 +839,7 @@ pf_insert_state(struct pfi_kif *kif, struct pf_state *s) /* if cur != NULL, we already found a state key and attached to it */ if (cur == NULL && (cur = RB_INSERT(pf_state_tree_ext_gwy, - &pfi_all->pfik_ext_gwy, s->state_key)) != NULL) { + &pf_statetbl_ext_gwy, s->state_key)) != NULL) { /* must not happen. we must have found the sk above! */ pf_stateins_err("tree_ext_gwy", s, kif); pf_detach_state(s, PF_DT_SKIP_EXTGWY); @@ -2822,10 +2826,10 @@ pf_detach_state(struct pf_state *s, int flags) if (--sk->refcnt == 0) { if (!(flags & PF_DT_SKIP_EXTGWY)) RB_REMOVE(pf_state_tree_ext_gwy, - &pfi_all->pfik_ext_gwy, sk); + &pf_statetbl_ext_gwy, sk); if (!(flags & PF_DT_SKIP_LANEXT)) RB_REMOVE(pf_state_tree_lan_ext, - &pfi_all->pfik_lan_ext, sk); + &pf_statetbl_lan_ext, sk); pool_put(&pf_state_key_pl, sk); } } diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 6afe622c164..5aa42b65b39 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfvar.h,v 1.252 2007/06/24 11:17:13 mcbride Exp $ */ +/* $OpenBSD: pfvar.h,v 1.253 2007/06/25 13:57:18 henning Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -755,7 +755,6 @@ struct pf_state { #define PFSTATE_STALE 0x04 }; - /* * Unified state structures for pulling states out of the kernel * used by pfsync(4) and the pf(4) ioctl. @@ -1015,6 +1014,10 @@ RB_PROTOTYPE(pf_state_tree_ext_gwy, pf_state_key, TAILQ_HEAD(pfi_statehead, pfi_kif); RB_HEAD(pfi_ifhead, pfi_kif); +/* state tables */ +extern struct pf_state_tree_lan_ext pf_statetbl_lan_ext; +extern struct pf_state_tree_ext_gwy pf_statetbl_ext_gwy; + /* keep synced with pfi_kif, used in RB_FIND */ struct pfi_kif_cmp { char pfik_name[IFNAMSIZ]; @@ -1027,8 +1030,6 @@ struct pfi_kif { u_int64_t pfik_bytes[2][2][2]; u_int32_t pfik_tzero; int pfik_flags; - struct pf_state_tree_lan_ext pfik_lan_ext; - struct pf_state_tree_ext_gwy pfik_ext_gwy; TAILQ_ENTRY(pfi_kif) pfik_w_states; void *pfik_ah_cookie; struct ifnet *pfik_ifp; |